semver VS semver

Yeah, but it talks about the semver package, which is related and why it caused performance issues

This release script increments the version number of the package and publishes the package to the NPM registry (or other registry). To correctly increment the version number, npm's semver package automatically finds the next version number according to the specified level minor (major/minor/patch).

In a later post, I shall be sharing some actual examples using node-semver, which is the tool that npm uses to parse these Semantic Versioning Complaint dependencies version.

{ "server": { "host": "localhost", // Defaults to 127.0.0.1 "port": 3000, // 8080 by default "secure": { // Optional. If declared serves via https "cert": "ssl/cert.pem", "key": "ssl/key.pem" }, "base": "/", // Optional. Defaults to '/' "healthcheck": "/health", // Optional. Defaults to '/healthcheck'. Pass null to disable "keepAliveTimeout": 15000, // Optional. Defaults 61000 "headersTimeout": 20000, // Optional. Defaults 62000 "requestTimeout": 10000 // Optional. Defaults 30000 }, "firewall": { "registry": "https://registry.npmmirror.com", // Remote registry "entrypoint": "https://r.qiwi.com/npm", // Optional. Defaults to `${server.secure ? 'https' : 'http'}://${server.host}:${server.port}${route.base}` "base": "/", // Optional. Defaults to '/' "rules": [ { "policy": "allow", "org": "@qiwi" }, { "policy": "allow", "name": ["@babel/*", "@jest/*", "lodash"] // string[] or "comma,separated,list". * works as .+ in regexp }, { "policy": "deny", "name": "colors", "version": ">= v1.4.0" // Any semver range: https://github.com/npm/node-semver#ranges }, { "policy": "deny", "license": "dbad" // Comma-separated license types or string[] }, { "policy": "allow", "username": ["sindresorhus", "isaacs"] // Trusted npm authors. }, { "policy": "allow", "name": "d", // `allow` is upper, so it protects `< 1.0.0`-ranged versions that might be omitted on next steps "version": "< 1.0.0" }, { "policy": "deny", // Checks pkg version publish date against the range "dateRange": ["2010-01-01T00:00:00.000Z", "2025-01-01T00:00:00.000Z"] }, { "policy": "allow", "age": 5 // Check the package version is older than 5 days. Like quarantine } ] } }

Note: ~ and ^ you see in the dependency versions are notations for version ranges defined in semver as it follows semantic versioning.

To prevent potential breaking changes, when you do a minor update of a dependency, NPM treats versions a bit different:

Yeah, it's basically a wapper around semver package, so the outputs may look familiar to you. But if you need more in your workflows — feel free to open an issue with a feature you’re missing.

We increase the version of our product as specified in SemVer and deploy it to production, preferably following good deployment practices to have no downtime.

Using Conventional Commits ⭐ as a standard for your commit messages, makes Semantic Versioning 🔖 as easy as can be, with tools like Conventional Changelog 📄 Standard Version 🔖 and Semantic Release 📦🚀

Semantic Versioning: for every update (major, minor, or patch) made, increment the version number according to semantic versioning.

npm automates the process of installing, updating, and managing dependencies, which helps to avoid "dependency hell." It supports semantic versioning (semver) that automatically handles patch and minor updates without breaking the existing code, thus maintaining stability across projects. npm also provides the capability to run scripts and commands defined in package.json, which can automate common tasks such as testing, building, and deployment.

We are pleased to introduce Semantic Versioning and release channels to Snyk CLI from v.1.1291.0 onwards. In this blog post, we will share why we are introducing these changes, what problems these changes solve for our customers, and how our customers can opt-in according to their needs.

Following the Semantic Versioning rules, you should raise the version number every time you need to publish your library. In your "package.json" file, you need to change the version number to reflect whether the changes are major, minor, or patch updates.

Semantic Versioning: An established convention for version numbers following the pattern MAJOR.MINOR.PATCH

Increases the major of the latest tag and prints it As per the Semver spec, it'll also clear the pre-release…

The reason for this is that software libraries and package managers, in general, but specifically here, rely on semantic versioning. Semantic versioning is really useful for distributing packages in a predictable way. What does this look like for our project?

For a more detailed and comprehensive guide on semantic versioning, visit https://semver.org